$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DF3DB502624011F08C72F822C4F9AE02.roa File: DF3DB502624011F08C72F822C4F9AE02.roa (raw, json) Hash identifier: Bnnm/FPzDHgxPQwzYHgwEFSZUY11JDgK9aQbqPpol5s= Subject key identifier: FD:4E:85:E3:18:F2:E6:89:A4:D0:A9:50:53:09:98:8E:41:A5:6D:25 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: C055 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DF3DB502624011F08C72F822C4F9AE02.roa Signing time: Wed 16 Jul 2025 12:42:24 +0000 ROA not before: Wed 16 Jul 2025 12:42:24 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 56201 IP address blocks: 43.239.212.0/23 maxlen: 24 43.239.214.0/23 maxlen: 24 43.246.104.0/22 maxlen: 24 103.103.196.0/22 maxlen: 24 103.122.78.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 15:24:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49237 (0xc055) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Jul 16 12:42:24 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68779e30-306c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:2d:88:8d:f2:e7:b8:06:54:71:d2:39:de:35: b7:30:5c:a1:c0:6d:62:e0:2c:4b:8e:ab:d9:f7:18: fc:c3:75:2b:25:f3:6b:11:18:0c:ae:21:fc:64:a1: 9d:17:53:b9:67:d4:4d:d8:bf:e3:27:4b:29:b2:b9: 44:d6:32:99:d8:34:d8:bc:e7:3b:e7:ac:62:79:3c: cd:07:15:67:b8:97:72:a3:7e:8b:29:7d:50:b4:2f: d9:b2:69:81:0b:4a:26:fc:8b:ae:8c:fa:ac:6f:34: 90:81:f4:1c:72:bc:59:2b:07:16:af:13:8d:e6:3a: d6:5e:97:12:6a:58:06:6d:b5:c1:df:c4:8f:8d:e0: a8:a7:4b:0d:53:33:7a:61:da:96:48:84:8d:5f:90: 3c:c6:33:8a:96:b7:0e:29:a0:c2:a1:aa:a3:01:4d: a8:7c:a3:37:e9:40:8d:0f:79:9f:a6:98:d4:6e:bf: 86:b8:37:df:cf:be:8a:99:50:12:f3:41:8b:a5:3b: 82:08:78:08:90:79:43:88:38:d2:d1:ea:b4:82:ef: 09:d3:ef:c3:90:1f:05:9c:44:ce:4a:93:93:e0:cc: c8:68:89:c9:7c:11:a3:e3:24:bc:53:ff:a3:ca:c5: 29:0a:24:67:b8:de:74:12:8e:48:57:b5:4a:0d:f5: 0d:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:4E:85:E3:18:F2:E6:89:A4:D0:A9:50:53:09:98:8E:41:A5:6D:25 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DF3DB502624011F08C72F822C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.239.212.0/22 43.246.104.0/22 103.103.196.0/22 103.122.78.0/24 Signature Algorithm: sha256WithRSAEncryption 34:92:6c:d1:83:f7:2f:d1:a5:bb:9d:ba:d5:fb:c4:6f:c0:fe: 66:35:67:99:2d:87:76:f2:ef:87:12:89:62:7f:19:83:2c:32: 15:10:93:ed:b6:22:c1:a6:89:71:ff:c1:c6:ab:f8:d8:3e:ac: 06:fc:a7:03:6b:3d:b4:bb:55:20:02:1e:9a:42:d2:19:ff:9c: 88:d1:5b:44:84:f0:bf:7f:96:3a:29:96:09:c1:57:d8:08:51: 35:c8:56:67:0d:6a:01:64:2b:0c:fa:35:d8:04:b5:50:45:27: 83:7b:ab:40:d8:71:c2:7b:88:7d:23:4c:a5:b2:66:b9:5e:e9: 95:03:68:ea:4d:87:fc:fb:7e:31:88:08:34:d3:69:7d:14:b3: 9d:4a:6d:ad:a4:fe:b5:e4:20:8e:30:84:df:6b:6a:a7:fd:dd: 38:a4:46:8f:41:c0:2e:33:94:51:7a:60:9f:64:88:ed:b1:15: 60:78:ef:1c:a1:f2:10:45:f5:70:bd:24:d8:d9:1d:52:82:eb: b1:49:a9:fe:d0:37:1f:86:6e:a2:24:d3:f4:69:2d:45:a1:76: 99:dd:6d:27:1f:1e:28:65:ad:34:fc:9b:a3:5d:3a:60:d5:2b: b7:21:f7:02:58:16:c6:4a:fd:4e:63:93:0d:9a:bc:cd:2e:0a: aa:6b:19:ac -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgIDAMBVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDcxNjEyNDIyNFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjg3NzllMzAtMzA2YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK8tiI3y57gGVHHSOd41tzBcocBtYuAsS46r2fcY/MN1KyXzaxEYDK4h/GSh nRdTuWfUTdi/4ydLKbK5RNYymdg02LznO+esYnk8zQcVZ7iXcqN+iyl9ULQv2bJp gQtKJvyLroz6rG80kIH0HHK8WSsHFq8TjeY61l6XEmpYBm21wd/Ej43gqKdLDVMz emHalkiEjV+QPMYzipa3DimgwqGqowFNqHyjN+lAjQ95n6aY1G6/hrg338++iplQ EvNBi6U7ggh4CJB5Q4g40tHqtILvCdPvw5AfBZxEzkqTk+DMyGiJyXwRo+MkvFP/ o8rFKQokZ7jedBKOSFe1Sg31DQkCAwEAAaOCAqcwggKjMB0GA1UdDgQWBBT9ToXj GPLmiaTQqVBTCZiOQaVtJTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0RGM0RCNTAy NjI0MDExRjA4QzcyRjgyMkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDEGCCsGAQUFBwEHAQH/ BCIwIDAeBAIAATAYAwQCK+/UAwQCK/ZoAwQCZ2fEAwQAZ3pOMA0GCSqGSIb3DQEB CwUAA4IBAQA0kmzRg/cv0aW7nbrV+8RvwP5mNWeZLYd28u+HEolifxmDLDIVEJPt tiLBpolx/8HGq/jYPqwG/KcDaz20u1UgAh6aQtIZ/5yI0VtEhPC/f5Y6KZYJwVfY CFE1yFZnDWoBZCsM+jXYBLVQRSeDe6tA2HHCe4h9I0ylsma5XumVA2jqTYf8+34x iAg002l9FLOdSm2tpP615CCOMITfa2qn/d04pEaPQcAuM5RRemCfZIjtsRVgeO8c ofIQRfVwvSTY2R1SguuxSan+0Dcfhm6iJNP0aS1FoXaZ3W0nHx4oZa00/JujXTpg 1Su3IfcCWBbGSv1OY5MNmrzNLgqqaxms -----END CERTIFICATE-----Generated at Sun Jul 20 22:34:30 2025 by rpki-client